Notifications
Learn how to configure your notifications settings to get notified by BLACKBIRD
Notifications
BLACKBIRD can be configured to deliver real-time notifications for discovered vulnerabilities, scan status changes and OAST Server invocations.
Setting Up Notifications
To set up notifications, you will be required to enable them first. BLACKBIRD provides 2 types of notifications. In-App Notifications and External Notifications.
In-App Notifications
In-App Notifications are available by default and can be accessed from anywhere on your Pentesting Suite or by navigating to the dedicated notifications page.
External Notifications
BLACKBIRD can also be set up to notify you on your preferred messaging channel. We currently support 4 different types of messaging channels:
- Slack
- Discord
- And, Telegram
The setup process for each one of them is simple and straightforward. Follow the instructions below for your preferred channel.
Setting Up Email Notifications
To receive notifications on your email inbox:
Select Preferred Channel
Select Email from the Preferred Channel list.
Enter Email Address
Next, enter your email address where you’d like to receive notifications on.
Save Your Preferences
Finally, scroll to the bottom of the page and click Save. Alternatively, you can click on Send a test notification to test your new integration.
Setting Up Discord Notifications
To receive notifications on your existing Discord channel:
Select Preferred Channel
Select Discord from the Preferred Channel list.
Create Discord Webhook
Next, you must create a Discord webhook. We recommend you to follow this official guide.
Submit Your Webhook
You will receive a webhook in the following format: https://discord.com/api/webhooks/{Discord ID}/{Discord Token}
. You will have to submit the Discord ID and Discord Token in their respective fields as displayed in the figure below.
Save Your Preferences
Finally, scroll to the bottom of the page and click Save. Alternatively, you can click on Send a test notification to test your new integration.
Setting Up Slack Notifications
To receive notifications on your existing Slack channel:
Select Preferred Channel
Select Slack from the Preferred Channel list.
Create Slack Webhook
Next, you must create a Slack webhook. We recommend you to follow this official guide.
Submit Your Webhook
You will receive a webhook in the following format: https://hooks.slack.com/services/T{Slack Team ID}/B{Slack Bot ID}/{Slack Channel ID}
. You will have to submit the Slack Team ID, the Slack Bot ID and the Slack Channel ID in their respective fields as displayed in the figure below.
Please make sure to only enter the IDs, you do not have to prefix the Slack Team ID or Slack Bot ID with the T and B keywords.
Save Your Preferences
Finally, scroll to the bottom of the page and click Save. Alternatively, you can click on Send a test notification to test your new integration.
Setting Up Telegram Notifications
To receive notifications on your existing Telegram channel:
Select Preferred Channel
Select Telegram from the Preferred Channel list.
Create Telegram Bot
Next, you must create a Telegram Bot. We recommend you to follow this official guide.
Submit Your Bot Credentials
You will receive a Bot Token (for HTTP API access). This Telegram token will be in the following format: {Telegram Chat ID}:{Telegram Bot Token}
. You will have to submit the Telegram Bot Token and the Telegram Chat ID in their respective fields as displayed in the figure below.
Please note that your Telegram Bot Token field must be in the following format: {Telegram Chat ID}:{Telegram Bot Token}
.
Save Your Preferences
Finally, scroll to the bottom of the page and click Save. Alternatively, you can click on Send a test notification to test your new integration.
When Are Notifications Sent?
Notifications are sent on the following occassions:
- When a new security vulnerability has been discovered and validated
- When a scan status changes from pending to success
- When your Private OAST server receives an invocation (for example, a Blind XSS)
- When a change was detected on any of your JavaScript file monitors
To prevent overloading you with notifications, we intentionally surpress notifications for discovered security vulnerabilities with a severity set to informative.
Was this page helpful?